Files within WEB-INF directory readable by using velocity

By executing

{{velocity}}
#parse('WEB-INF/xwiki.cfg')
{{velocity}}

it is possible to read files within the WEB-INF folder like e.g. xwiki or hibernate config files.

We fixed this on our system and you should get a GitHub pull request in the next minutes.